Hackers stole more than $150 million from KuCoin cryptocurrency exchange

Singapore-based cryptocurrency exchange KuCoin disclosed a security breach, hackers stole $150 million from its hot wallets.

Singapore-based cryptocurrency exchange KuCoin disclosed a major security incident, the hackers breached its hot wallets and stole all the funds, around $150 million.

Deposits and withdrawals have been temporarily suspended while the company is investigating the security incident.

“We detected some large withdrawals since September 26, 2020 at 03:05:37 (UTC+8). According to the latest internal security audit report, part of Bitcoin, ERC-20 and other tokens in KuCoin’s hot wallets were transferred out of the exchange, which contained few parts of our total assets holdings.” reads a statement published by the company. “The assets in our cold wallets are safe and unharmed, and hot wallets have been re-deployed.”

Hot wallet refers to any cryptocurrency wallet that is connected to the internet, for this reason, they are more exposed to cyber attacks.

Hot wallets are used as temporary storage systems for assets that are currently being exchanged on the exchange.

Cold storage refers to any cryptocurrency wallet that is not connected to the internet, for this reason, they are considered more secure. They usually don’t contain as many cryptocurrencies as do many of the hot wallets.

KuCoin discovered the security breach on September 26 when its staff noticed some large withdrawals from its hot wallets.

The exchange immediately investigated the anomalous operations and discovered the cyber heist of Bitcoin assets, ERC-20-based tokens, along with other cryptocurrencies.

The overall amount of funds stolen by the hackers is greater than $150 million, based on an Etherium address where the stolen funds were transferred.

Today (September 26, 2020), KuCoin CEO Johnny Lyu will provide additional details about the incident in a live stream at 12:30 (UTC+8).

The exchange plans to refund its users using its cold wallets.

This incident is one of the biggest hack ever reported, below a list of most prominent incidents.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Norway)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.